svn commit: samba r10017 - in branches/tmp/RPCREWRITE/source: auth
registry rpc_client
jra at samba.org
jra at samba.org
Sat Sep 3 23:49:14 GMT 2005
Author: jra
Date: 2005-09-03 23:49:14 +0000 (Sat, 03 Sep 2005)
New Revision: 10017
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=10017
Log:
smbd now builds. Still unsure about some of the changes in auth/auth_domain.c. Will
check these *carefully* against 3.0.x.
Jeremy.
Modified:
branches/tmp/RPCREWRITE/source/auth/auth_domain.c
branches/tmp/RPCREWRITE/source/registry/reg_cachehook.c
branches/tmp/RPCREWRITE/source/rpc_client/cli_netlogon.c
Changeset:
Modified: branches/tmp/RPCREWRITE/source/auth/auth_domain.c
===================================================================
--- branches/tmp/RPCREWRITE/source/auth/auth_domain.c 2005-09-03 23:23:14 UTC (rev 10016)
+++ branches/tmp/RPCREWRITE/source/auth/auth_domain.c 2005-09-03 23:49:14 UTC (rev 10017)
@@ -40,7 +40,7 @@
*
**/
-static NTSTATUS connect_to_domain_password_server(struct cli_state **cli,
+static NTSTATUS connect_to_domain_password_server(struct cli_state **cli,
const char *domain,
const char *dc_name,
struct in_addr dc_ip,
@@ -104,12 +104,22 @@
if(!netlogon_pipe) {
DEBUG(0,("connect_to_domain_password_server: unable to open the domain client session to \
machine %s. Error was : %s.\n", dc_name, cli_errstr(*cli)));
- cli_ulogoff(*cli);
cli_shutdown(*cli);
release_server_mutex();
return NT_STATUS_NO_LOGON_SERVERS;
}
+#if 0
+ /* JRA TESTME - do we need to do this to get the netlogon request to succeed ? */
+ ntresult = rpccli_netlogon_setup_creds(cmd_entry->rpc_pipe,
+ dc_name,
+ lp_workgroup(),
+ global_myname(),
+ trust_password,
+ sec_channel_type,
+ &neg_flags);
+#endif
+
/* We exit here with the mutex *locked*. JRA */
*pipe_ret = netlogon_pipe;
@@ -124,11 +134,12 @@
************************************************************************/
static NTSTATUS domain_client_validate(TALLOC_CTX *mem_ctx,
- const auth_usersupplied_info *user_info,
- const char *domain,
- uchar chal[8],
- auth_serversupplied_info **server_info,
- const char *dc_name, struct in_addr dc_ip)
+ const auth_usersupplied_info *user_info,
+ const char *domain,
+ uchar chal[8],
+ auth_serversupplied_info **server_info,
+ const char *dc_name,
+ struct in_addr dc_ip)
{
NET_USER_INFO_3 info3;
@@ -149,8 +160,12 @@
/* rety loop for robustness */
for (i = 0; !NT_STATUS_IS_OK(nt_status) && retry && (i < 3); i++) {
- nt_status = connect_to_domain_password_server(&cli, domain, dc_name,
- dc_ip, &netlogon_pipe, &retry);
+ nt_status = connect_to_domain_password_server(&cli,
+ domain,
+ dc_name,
+ dc_ip,
+ &netlogon_pipe,
+ &retry);
}
if ( !NT_STATUS_IS_OK(nt_status) ) {
@@ -168,13 +183,19 @@
* in the info3 structure.
*/
- nt_status = cli_netlogon_sam_network_logon(cli, mem_ctx,
- NULL, user_info->smb_name.str, user_info->domain.str,
- user_info->wksta_name.str, chal, user_info->lm_resp,
- user_info->nt_resp, &info3);
-
- /* let go as soon as possible so we avoid any potential deadlocks
- with winbind lookup up users or groups */
+ nt_status = rpccli_netlogon_sam_network_logon(netlogon_pipe,
+ mem_ctx,
+ dc_name, /* server name */
+ user_info->smb_name.str, /* user name logging on. */
+ user_info->domain.str, /* domain name */
+ user_info->wksta_name.str, /* workstation name */
+ chal, /* 8 byte challenge. */
+ user_info->lm_resp, /* lanman 24 byte response */
+ user_info->nt_resp, /* nt 24 byte response */
+ &info3); /* info3 out */
+
+ /* Let go as soon as possible so we avoid any potential deadlocks
+ with winbind lookup up users or groups. */
release_server_mutex();
@@ -182,7 +203,7 @@
DEBUG(0,("domain_client_validate: unable to validate password "
"for user %s in domain %s to Domain controller %s. "
"Error was %s.\n", user_info->smb_name.str,
- user_info->domain.str, cli->srv_name_slash,
+ user_info->domain.str, dc_name,
nt_errstr(nt_status)));
/* map to something more useful */
@@ -190,32 +211,17 @@
nt_status = NT_STATUS_NO_LOGON_SERVERS;
}
} else {
- nt_status = make_server_info_info3(mem_ctx, user_info->internal_username.str,
- user_info->smb_name.str, domain, server_info, &info3);
+ nt_status = make_server_info_info3(mem_ctx,
+ user_info->internal_username.str,
+ user_info->smb_name.str,
+ domain, server_info,
+ &info3);
}
-#if 0
- /*
- * We don't actually need to do this - plus it fails currently with
- * NT_STATUS_INVALID_INFO_CLASS - we need to know *exactly* what to
- * send here. JRA.
- */
-
- if (NT_STATUS_IS_OK(status)) {
- if(cli_nt_logoff(&cli, &ctr) == False) {
- DEBUG(0,("domain_client_validate: unable to log off user %s in domain \
-%s to Domain controller %s. Error was %s.\n", user, domain, dc_name, cli_errstr(&cli)));
- nt_status = NT_STATUS_LOGON_FAILURE;
- }
- }
-#endif /* 0 */
-
/* Note - once the cli stream is shutdown the mem_ctx used
to allocate the other_sids and gids structures has been deleted - so
these pointers are no longer valid..... */
- cli_nt_session_close(cli);
- cli_ulogoff(cli);
cli_shutdown(cli);
return nt_status;
}
@@ -265,8 +271,13 @@
return NT_STATUS_NO_LOGON_SERVERS;
}
- nt_status = domain_client_validate(mem_ctx, user_info, domain,
- (uchar *)auth_context->challenge.data, server_info, dc_name, dc_ip);
+ nt_status = domain_client_validate(mem_ctx,
+ user_info,
+ domain,
+ (uchar *)auth_context->challenge.data,
+ server_info,
+ dc_name,
+ dc_ip);
return nt_status;
}
@@ -359,9 +370,13 @@
return NT_STATUS_NO_LOGON_SERVERS;
}
- nt_status = domain_client_validate(mem_ctx, user_info, user_info->domain.str,
- (uchar *)auth_context->challenge.data, server_info, dc_name, dc_ip,
- lp_workgroup(), SEC_CHAN_DOMAIN, trust_md4_password, last_change_time);
+ nt_status = domain_client_validate(mem_ctx,
+ user_info,
+ user_info->domain.str,
+ (uchar *)auth_context->challenge.data,
+ server_info,
+ dc_name,
+ dc_ip);
return nt_status;
}
Modified: branches/tmp/RPCREWRITE/source/registry/reg_cachehook.c
===================================================================
--- branches/tmp/RPCREWRITE/source/registry/reg_cachehook.c 2005-09-03 23:23:14 UTC (rev 10016)
+++ branches/tmp/RPCREWRITE/source/registry/reg_cachehook.c 2005-09-03 23:49:14 UTC (rev 10017)
@@ -36,7 +36,7 @@
BOOL reghook_cache_init( void )
{
- cache_tree = pathtree_init( &default_hook, NULL, NULL );
+ cache_tree = pathtree_init( &default_hook, NULL );
return ( cache_tree == NULL );
}
Modified: branches/tmp/RPCREWRITE/source/rpc_client/cli_netlogon.c
===================================================================
--- branches/tmp/RPCREWRITE/source/rpc_client/cli_netlogon.c 2005-09-03 23:23:14 UTC (rev 10016)
+++ branches/tmp/RPCREWRITE/source/rpc_client/cli_netlogon.c 2005-09-03 23:49:14 UTC (rev 10017)
@@ -623,7 +623,7 @@
NTSTATUS rpccli_netlogon_sam_network_logon(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
- const char *server_name_slash,
+ const char *server,
const char *username,
const char *domain,
const char *workstation,
@@ -638,7 +638,8 @@
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
NET_ID_INFO_CTR ctr;
int validation_level = 3;
- char *workstation_name_slash;
+ const char *workstation_name_slash;
+ const char *server_name_slash;
static uint8 zeros[16];
DOM_CRED clnt_creds;
DOM_CRED ret_creds;
@@ -650,8 +651,19 @@
creds_client_step(cli->dc, &clnt_creds);
- workstation_name_slash = talloc_asprintf(mem_ctx, "\\\\%s", workstation);
- if (!workstation_name_slash) {
+ if (server[0] != '\\' && server[1] != '\\') {
+ server_name_slash = talloc_asprintf(mem_ctx, "\\\\%s", server);
+ } else {
+ server_name_slash = server;
+ }
+
+ if (workstation[0] != '\\' && workstation[1] != '\\') {
+ workstation_name_slash = talloc_asprintf(mem_ctx, "\\\\%s", workstation);
+ } else {
+ workstation_name_slash = workstation;
+ }
+
+ if (!workstation_name_slash || !server_name_slash) {
DEBUG(0, ("talloc_asprintf failed!\n"));
return NT_STATUS_NO_MEMORY;
}
More information about the samba-cvs
mailing list